Resources

Press Releases

RiskIQ Reports Malicious Mobile Apps in Google Play Have Spiked Nearly 400 Percent

February 19, 2014

Research Also Shows Steady and Significant Drop in Number of Malicious Apps Being Removed in Past Three Years

SAN FRANCISCO, CA, RSA Conference USA 2014 — February 19, 2014 — RiskIQ, the company that protects corporate brands and their customers on the Internet, today announced research findings on the presence of malicious apps contained in the Google Play store. The company found that malicious apps have grown 388 percent from 2011 to 2013, while the number of malicious apps removed annually by Google has dropped from 60% in 2011 to 23% in 2013. Apps for personalizing Android phones led all categories as most likely to be malicious.

The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft and steal confidential data

CLICK TO TWEET: .@RiskIQ finds malicious #mobileapps in #GooglePlay have Spiked Nearly 400 Percent http://bit.ly/1hsrWId

The results were gathered by the RiskIQ for Mobile service, which continuously monitors mobile application stores to detect suspect applications, application tampering and brand impersonation. For this survey, RiskIQ only counted Android apps in the Google Play store as malicious if they are/contain spyware and (SMS) Trojans that:

  • Collect and send GPS coordinates, contact lists, e-mail addresses etc. to third parties
  • Send SMS messages to premium-rate numbers
  • Subscribe infected phones to premium services
  • Record phone conversations and send them to attackers
  • Take control over the infected phone
  • Download other malware onto infected phones

“The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft and steal confidential data,” said Elias Manousos CEO of RiskIQ. “Malicious apps are an effective way to infect users since they often exploit the trust victims have in well known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants. Our unique visibility directly into App Stores allows us to shine a light on this problem and prevent attackers from impersonating brands to exploit their customers.”

Summary of Findings

Using a distributed global proxy network RiskIQ continuously scans and interacts with mobile apps in leading app stores via synthetic clients that emulate real users. This patent-pending technology exposes malware that would otherwise not “show itself” to traditional web crawler software. The highlights of the RiskIQ for Mobile research on the Google Play store include:

Percentage of Malicious Mobile Apps
2011 2012 2013
2.7% 9.2% 12.7%
Percentage of Malicious Mobile Apps Removed
2011 2012 2013
60% 40% 23%
Top Five App Categories with Most Malware
2011 2012 2013
1. Entertainment 1. Personalization 1. Personalization
2. Education/Books 2. Entertainment 2. Entertainment
3. Media/Audio/Video 3. Education/Books 3. Education/Books
4. Personalization 4. Media/Audio.Video 4. Media/Audio.Video
5. Sports 5. Sports 5. Sports

RiskIQ will demonstrate its RiskIQ for Mobile service next week at RSA Conference South Expo Booth #2341.